WP rest api jwt auth

1 Views

I would like use WP REST API auth with this plugin : https://github.com/Tmeister/wp-api-jwt-auth

I get the token with this req on POST : http://localhost/wp_rest/wp-json/jwt-auth/v1/token

Read More

But I can’t do the request for post mehod:
localhost/wp_rest/wp-json/wp/v2/posts

I get the error 403: 

{
    "code": "rest_forbidden"
    "message": "You don't have permission to do this."
    "data": {
        "status": 403
    }
}

In my header I have this : 

Authorization: Bearer
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3RcL3dwX3Jlc3QiLCJpYXQiOjE0NTAzNDEwMTgsIm5iZiI6MTQ1MDM0MTAxOCwiZXhwIjoxNDUwOTQ1ODE4LCJkYXRhIjp7InVzZXIiOnsiaWQiOiIxIn19fQ.rGNPsU4EocClWLYWaSDs1hDJMODszg-eKfqnKSEsiw0

I’m trying with localhost/wp_rest/wp-json/jwt-auth/v1/token/validate but I get this error: 

{
    "code": "jwt_auth_no_auth_header",
    "message": "Authorization header not found.",
    "data": {
        "status": 403
    }
}

Any idea?

Post Views: 1

Related posts

4 comments

  1. It looks like you did not include Authorization headers in your request. You need to add 'Authorization': 'Bearer PLACE_TOKEN_HERE' in your request headers.

    As a sample:

    var req = {
    method: 'POST',
    url: window.location.href + 'wp-json/wp/v2/posts',
    headers: {
      'Authorization': 'Bearer ' + TOKEN_GOES_HERE
    }
    data: DATA TO PASS GOES HERE
}
$http(req);

  2. If the answer provided by Leo Gono and Tunaki still doesn’t solve your problem, make sure you’ve added the following code to your .htaccess if you’re using Apache:

    RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]

    Make sure to put those lines before the last line with an “[L]” in your .htaccess or else it won’t get processed.

    It’s possible that the Authorisation header gets discarded by server of framework settings. (I’ve had to change the htaccess for Laravel)

  3. I bumped into similar problems while setting up the same plugin so I created a video detailing the process I followed to quickly launch a test environment, install the plugin, perform the necessary setup for the plugin to work and then validate its functionality.

    Here it is: https://youtu.be/Mp7T7x1oxDk

  4. I had exactly the same issue. My solution was simple.

    Using the tool (in my case postman (https://www.getpostman.com)), I selected to add the Authentication header (forcing the header) manually. You might want to set it manually when using code, under the HTTP Header section (not as a paramater, just in case 🙂 ).

    Checked enable Authentication header

    Kind regards,
    Reinhard

Comments are closed.